Trouble logging in?If you can't remember your password or are having trouble logging in, you will have to reset your password. If you have trouble resetting your password (for example, if you lost access to the original email address), please do not start posting with a new account, as this is against the forum rules. If you create a temporary account, please contact us right away via Forum Support, and send us any information you can about your original account, such as the account name and any email address that may have been associated with it.

I know I probably sound pretty desperate....(I am) I have just been infected with this virus >>WIN32/Adware.Virtumonde and WIN32/PrivacyRemover.M64 from downloading a program. (This is the last time I'll be doing this) I need some help with removing it.I am no computer expert. Can anyone offer their solutions to this problem?

Removal tool after you run this tool, (registry) check HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run

DELETE this from the entires
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\System \NoDispBackgroundPage and [same]\NoDispScrSvrPage (they are both set to 1. Delete both entries.

Hey again!!
I followed your instructions....Here's the logs for you to check again!! Thanks so much!! Restarted my computer and the annoying automatic redirection by mozilla firefox to a scam website has stopped. Again!! Thank you!!

People reading this thread need to start running Windows without administrator privileges! Set up an account for yourself without admin privileges (Control Panel > Users) and use that exclusively. This problem arose because some malware rewrote your DNS resolver records. If you're not an admin, these kinds of hijackings become a lot more difficult.

Some mis-behaved software doesn't like running without admin privileges. Either log in as the Administrator to run just those programs, or use the "Run As" feature in Windows to run just those programs as Administrator.

You should never need to browse as anything other than an "ordinary" (unprivileged) user.

This is one of the biggest security holes in Windows, and one of the easiest to fix.

1) I'd suggest deleting the other thread you started. Ask a moderator to do it for you, if the software won't allow you to do it yourself. For that, I'd go to the first message in the other thread, then click the exclamation point button ("Report Post") and ask that the thread be deleted.

2) Cats suggested using spoiler tags to make your post more readable. Here's how

[spoiler=my hijack this log]
giant wall of text
[/spoiler]

Then the text will look like this:

Spoiler for my hijack this log:

giant wall of text

If you're not comfortable typing the [] tags, you can accomplish the same thing by highlighting all the text you want to put in spoilers, then clicking the yellow caution sign button with the peeking girl in the editor.

After you've cleaned up this problem, read my comment above about not running with Administrator privileges.

hijack this log
Deckard's System Scanner v20071014.68
Run by Jennifer on 2008-09-03 06:03:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Then go into the folders where the files are located and remove them (you might have to reboot back into safe mode to do this after you've done the fixing in hijack this) plus you should disable system restore as some malware will hide in there and constantly restore itself after you've removed it.

It also looks like you have a variant of the trojan downloader Win32.Mutant.yf so I'd also suggest doing a full anti-virus scan with the trial of windows live onecare (you'd only need to use the trial) plus make sure to disable system restore before you do ANYTHING since these nasties could be hiding in there and will respawn once their removed from the main system (also find the files on your computer after you've gotten all that sorted out and kill them in case the anti-virus scans don't)

Yes, that is the screen I was seeing on my desktop. Now I have control of my control panel again. The file "WinCtrl32.dll" is still not deleting but the symptoms of the malware are gone. I could not find the XP Guard files or registry entries listed but the initial run of SmitFraudFix took care of it.